package com.aaa.security;

import com.aaa.entity.AuthUser;
import com.aaa.service.impl.MenuServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;

/**
 * @ClassName: RbacConfig
 * @Description: TODO
 * @Author: 86139
 * @Date: 2021/8/25 20:51
 * @Version:1.0
 * 基于Api鉴权
 **/
@Component
@Slf4j
public class RbacConfig {
    @Resource
    MenuServiceImpl menuService;
    public boolean hasPermission(Authentication authentication, HttpServletRequest request){
        log.info(">>>>>>>>>>>>>>");
        Object principal = authentication.getPrincipal();
        log.info("principal---"+principal.toString());
        if(principal.equals("anonymousUser")){
            return false;
        }else{
            AuthUser authUser=(AuthUser)principal;
//            Collection<? extends GrantedAuthority> authorities = authUser.getAuthorities();
            String authorities = menuService.quanxian(authUser.getRid());
            log.info("authorities----"+authorities);
            String uri = request.getRequestURI();
            String substring = uri.substring(1, uri.indexOf("/", 1));
            log.info("substring---"+substring);
            boolean contains = authorities.contains(substring);
            System.out.println("contains>>>>"+contains);
            log.info(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");

            if(contains){
                return true;
            }
            return false;
        }
    }
}
